port scanning - Page 2
Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 23

Thread: port scanning

  1. #11
    Senior Member
    Join Date
    Jul 2001
    Posts
    343
    I wish that Port Scans are really illegal.....
    My servers get scanned every now and then
    when they break through my ISP's IDS system

    Most law enforcement in my area is totally clueless
    and every time they go after a Internet Bad Guy
    it gets thrown out for one reason or another....

    Usually they go after a Kiddie Porn Problem
    and usually do pretty good on that.

    But I will say they did nail that Buffalo Spammer
    which is not that far from me.....
    Franklin Werren at www.bagpipes.net
    Yes I do play the Bagpipes!

    And learning to Play the Bugle

  2. #12
    Senior Member
    Join Date
    Jun 2004
    Posts
    184
    Maby you can disable the port scanner for no dead ports and what port scanner are you using because some just do not work at all and who are you scaning? Yourself?

  3. #13
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    but as VictorKaum pointed out some legislations might try to show that a port scan is a certain warning for a future intrusion attempt.
    That could be a bit of a "worrier". I scan computers quite regularly. Why? Because I want to know their "stance" as a result of suspicious activity from them in the first place. It is almost always an unsolicited contact on their behalf though I have had occasions where one of my workstations contacted them sometime recently and the activity followed either right away or soon after. I do it for a good reason. If the box shows me a bunch of open ports it's probably compromised. If I can then make some kind of connection, (anon ftp, wierd http etc.), then it goes straight on my blocked list.

    On the bright side I can show all the contacts between me and it, I can show they pre-empted the conversation, that I scanned, was suspicious, connected and left.

    Aren't log files just the "Bee's Knees"?
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  4. #14
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    In the case of a sysadmin I guess it's not as likely for the authorities to be too picky, especially if you have logs on your side. As a security professional it would be your job to ensure the safety of your network. But before you alert the powers that be about possible illegal activities you need to make sure that's the case[so you don't call the FBI or ISPs everyday].

    But a random computer scanning successive ranges does trigger some suspicion.
    /\\

  5. #15
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,065
    I have superscan 3.0, do you think that's a good port scanner? I know there is now a superscan 4.0 but I'm to lazy to upgrade lol .
    I am the uber duck!!1
    Proxy Tools

  6. #16
    Senior Member
    Join Date
    Jun 2004
    Posts
    184
    nothing is wrong body maby your port scanner is broken

  7. #17
    Senior Member
    Join Date
    Feb 2004
    Location
    Near Manchester (England)
    Posts
    145
    Originally posted here by Tiger Shark

    On the bright side I can show all the contacts between me and it, I can show they pre-empted the conversation, that I scanned, was suspicious, connected and left.

    Aren't log files just the "Bee's Knees"?
    Please correct me if I'm wrong...

    Wouldn't it be very easy to fabricate some log files? In which, case you would need the log files from the other end of the "Conversation," to coroborate (sp?) your story to the investigating authorities! If the machine you connected to really is compromised the owner will, most likely, not have a clue about log files - so you're safe. If, however, the machine is not compromised what are the chances of the complaining owner deleting or doctoring his log files?

    Hmmmm.....
    Tomorrow is another day for yesterdays work!

  8. #18
    Banned
    Join Date
    Apr 2004
    Posts
    410
    well i agree with simon it is very very easy to fabricate, once they authorites cathch you it'll be hard to prove thatyou are innocent.

    complications,complications .

    my advice to you be care ful using that tool

  9. #19
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    Originally posted here by Simple Simon
    Please correct me if I'm wrong...

    Wouldn't it be very easy to fabricate some log files? In which, case you would need the log files from the other end of the "Conversation," to coroborate (sp?) your story to the investigating authorities! If the machine you connected to really is compromised the owner will, most likely, not have a clue about log files - so you're safe. If, however, the machine is not compromised what are the chances of the complaining owner deleting or doctoring his log files?

    Hmmmm.....
    You can fabricate log files, but you cannot fabricate the log files on your ISP [unless you decide you're able to hack into their network and change stuff around]. Usually your log files will indicate a certain activity, and the ISP can confirm or infirm [to the authorities] that what you're saying is true, based on their logs.

    I'm not sure of what you mean by safe... do you mean as an attacker you're safe? Because that wouldn't be the case, I mean it's enough for them to complain to respective authorities and his ISP would dig up some logs and so on so forth.
    /\\

  10. #20
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    I get port scanned every couple of days. I automatically whosit the addy and send an email to the abuse address that is in that solution.
    The benifit of this, is very seldom have I ever been scanned more than once from the same block of addresses. The one time when, I did get scanned multiple times from the same IP block, I got a note from their abuse people saying that the offender was removed from their service.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •